Vulnerabilities > Python > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-08 CVE-2023-6507 Unspecified vulnerability in Python 3.12.0/3.13.0
An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms.
network
low complexity
python
4.9
2023-10-17 CVE-2023-45803 urllib3 is a user-friendly HTTP client library for Python.
high complexity
python fedoraproject
4.2
2023-10-15 CVE-2018-25091 Open Redirect vulnerability in Python Urllib3
urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme).
network
low complexity
python CWE-601
6.1
2023-08-25 CVE-2023-40217 Unspecified vulnerability in Python
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5.
network
low complexity
python
5.3
2023-08-22 CVE-2022-48564 Resource Exhaustion vulnerability in multiple products
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
network
low complexity
python netapp CWE-400
6.5
2023-08-22 CVE-2022-48566 Race Condition vulnerability in multiple products
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1.
network
high complexity
python debian netapp CWE-362
5.9
2023-08-15 CVE-2023-38898 Unspecified vulnerability in Python 3.13.0
An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component.
network
low complexity
python
5.3
2023-06-07 CVE-2023-33595 Use After Free vulnerability in Python 3.12.0
CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.
local
low complexity
python CWE-416
5.5
2023-05-26 CVE-2023-32681 Requests is a HTTP library.
network
high complexity
python fedoraproject
6.1
2023-04-19 CVE-2023-27043 Improper Input Validation vulnerability in Python
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character.
network
low complexity
python CWE-20
5.3